Web sites, or Internet sites, often provide information, products, services, and the like to their users. Many web sites desire a user to “register” before their web servers will grant access to the user. During registration, a user typically supplies personal information such as username, account number, address, telephone number, e-mail address, computer platform, age, gender, and/or hobbies to the registering web site.
When registering a user for the first time, a web site may request that the user select a login identifier, or login ID, and an associated password. The login ID allows the web site to identify the user and retrieve information about the user during subsequent user visits to the web site. Generally, the login ID is unique to the web site such that no two users have the same login ID. The combination of the login ID and password associated with the login ID allows the web site to authenticate the user during subsequent visits to the web site. The password also prevents others (who do not know the password) from accessing the web site using the user's login ID. Many users access the Internet via mobile devices. But currently, before such users are allowed to access the Internet via their mobile devices, they often need to register their accounts via conventional desktop or laptop personal computers (PCs).
Moreover, scripting (e.g., an automated bot) permits a malicious user to emulate human interaction with a web site for registering a large number of new accounts associated with fictitious users. Such automated script registrations may have several undesirable consequences. For example, because many electronic mail (or e-mail) services allow users to filter out unsolicited mass mailings (i.e., spam) based on the sender's address, running scripts to register new e-mail accounts enables the malicious user to continue sending spam from the new accounts in the face of such filtering. Among other things, the new accounts also provide readily accessible space for storing illegal copies of software.
Several conventional techniques have been designed to prevent automated script registrations. For example, the concept of “Turing tests” for interrogating two unseen respondents, a human and a computer, has been developed to determine which of the two is the computer. Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a well-known project that creates puzzles designed to be solvable by humans but not by computers for distinguishing humans and computers over a network. Typically, the puzzles involve having the user read a sequence of characters from a visually cluttered image. Further information on CAPTCHA is available at www.captcha.net.
Preventing automated script registrations via a mobile device such as a portable phone or a personal digital assistant (PDA) presents another challenge. Presently, implementations of the conventional CAPTCHAs or HIPs are limited to PCs. This is because a mobile device typically does not have sufficient screen resolution, graphics capability, audio capability, or memory to successfully implement a CAPTCHA or HIP based on image or audio recognition. Moreover, the transmission channel to a mobile device typically does not have sufficient network bandwidth and/or speed to effectively transmit a traditional CAPTCHA or HIP to the mobile device.
In light of the foregoing, a solution is desired to effectively allow a user to create an account via a mobile device without permitting automated scripts to run a repetitive task that is supposed to be performed by a human.